[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20241106003742.399240-1-zijianzhang@bytedance.com>
Date: Wed, 6 Nov 2024 00:37:42 +0000
From: zijianzhang@...edance.com
To: bpf@...r.kernel.org
Cc: martin.lau@...ux.dev,
borisp@...dia.com,
john.fastabend@...il.com,
kuba@...nel.org,
davem@...emloft.net,
edumazet@...gle.com,
pabeni@...hat.com,
horms@...nel.org,
mst@...hat.com,
sgarzare@...hat.com,
bobby.eshleman@...edance.com,
jakub@...udflare.com,
andrii@...nel.org,
cong.wang@...edance.com,
jiang.wang@...edance.com,
netdev@...r.kernel.org,
Zijian Zhang <zijianzhang@...edance.com>,
Stanislav Fomichev <sdf@...ichev.me>
Subject: [PATCH v3 bpf] bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx
From: Zijian Zhang <zijianzhang@...edance.com>
As the introduction of the support for vsock and unix sockets in sockmap,
tls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK.
vsock and af_unix sockets have vsock_sock and unix_sock instead of
inet_connection_sock. For these sockets, tls_get_ctx may return an invalid
pointer and cause page fault in function tls_sw_ctx_rx.
BUG: unable to handle page fault for address: 0000000000040030
Workqueue: vsock-loopback vsock_loopback_work
RIP: 0010:sk_psock_strp_data_ready+0x23/0x60
Call Trace:
? __die+0x81/0xc3
? no_context+0x194/0x350
? do_page_fault+0x30/0x110
? async_page_fault+0x3e/0x50
? sk_psock_strp_data_ready+0x23/0x60
virtio_transport_recv_pkt+0x750/0x800
? update_load_avg+0x7e/0x620
vsock_loopback_work+0xd0/0x100
process_one_work+0x1a7/0x360
worker_thread+0x30/0x390
? create_worker+0x1a0/0x1a0
kthread+0x112/0x130
? __kthread_cancel_work+0x40/0x40
ret_from_fork+0x1f/0x40
v2:
- Add IS_ICSK check
v3:
- Update the commits in Fixes
Fixes: 634f1a7110b4 ("vsock: support sockmap")
Fixes: 94531cfcbe79 ("af_unix: Add unix_stream_proto for sockmap")
Signed-off-by: Zijian Zhang <zijianzhang@...edance.com>
Acked-by: Stanislav Fomichev <sdf@...ichev.me>
Acked-by: Jakub Kicinski <kuba@...nel.org>
Reviewed-by: Cong Wang <cong.wang@...edance.com>
---
include/net/tls.h | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/include/net/tls.h b/include/net/tls.h
index 3a33924db2bc..61fef2880114 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -390,8 +390,12 @@ tls_offload_ctx_tx(const struct tls_context *tls_ctx)
static inline bool tls_sw_has_ctx_tx(const struct sock *sk)
{
- struct tls_context *ctx = tls_get_ctx(sk);
+ struct tls_context *ctx;
+
+ if (!sk_is_inet(sk) || !inet_test_bit(IS_ICSK, sk))
+ return false;
+ ctx = tls_get_ctx(sk);
if (!ctx)
return false;
return !!tls_sw_ctx_tx(ctx);
@@ -399,8 +403,12 @@ static inline bool tls_sw_has_ctx_tx(const struct sock *sk)
static inline bool tls_sw_has_ctx_rx(const struct sock *sk)
{
- struct tls_context *ctx = tls_get_ctx(sk);
+ struct tls_context *ctx;
+
+ if (!sk_is_inet(sk) || !inet_test_bit(IS_ICSK, sk))
+ return false;
+ ctx = tls_get_ctx(sk);
if (!ctx)
return false;
return !!tls_sw_ctx_rx(ctx);
--
2.20.1
Powered by blists - more mailing lists